Chapter 14 Operating Systems

MCTS Guide to Microsoft Windows 7
Chapter 14 Remote Access
Objectives
Understand remote access and remote control features in Windows 7 Understand virtual private networking features in Windows 7 Describe DirectAccess technology as an alternative to virtual private networking Understand how Remote Desktop is used Understand how Remote Assistance supports users
MCTS Guide to Microsoft Windows 7 2
Objectives (cont'd.)
Describe BranchCache technology to minimize WAN traffic for remote branch users Understand Sync Center Describe Mobility Center
Remote Access and Remote Control Overview

Remote access
Consists of:
Dedicated computer acting as a remote access server Other computers (the mobile computers) configured to link to the server
Allows remote access clients to access resources local to the remote access server
Link can be established over a dial-up connection or a TCP/IP network
Remote Access and Remote Control Overview (cont'd.)

Remote control
Remote client uses remote control software to send keyboard and mouse commands
To the computer being remotely controlled
Commands are processed on the remote controlled computer Remote client is sent a visual update of the screen from the remotely controlled computer
Remote Access Dial-Up Connectivity

Remote clients connect to a remote access server through a Wide Area Network (WAN) Windows 7 supports both analog and ISDN dial-up connections
Dial-Up Protocols
Windows 7 supports the industry standard Point-toPoint Protocol (PPP)
For end-to-end communications between a remote client and remote server using dial-up connections
PPP has the ability to carry different protocols within PPP data packets
Including TCP/IP data
Analog Dial-Up Connections

Public Switched Telephone Network (PSTN)
Also called Plain Old Telephone System (POTS) Designed to carry human voices from one phone to another as an analog signal
Analog dial-up modem

Converts digital information into analog form
Compatible with delivery over the PSTN
Main disadvantage of analog dial-up is that it is slow

Transferring below 100,000 bits of data per second
Analog Dial-Up Connections (cont'd.)

Remote access server must have one modem per dial-up client that is connected at the same time
Each modem requires a separate phone line
Steps for configuring dial-up networking:

Install an analog dial-up modem in the client computer Configure dialing rules for phone and modem options Create a connection to a remote access server Review dial-up connection properties Configure optional advanced settings

Install an Analog Dial-Up Modem
Analog dial-up modems must be installed and their supporting hardware driver must be fully functional
Before any other configuration steps are performed
Configure Dialing Rules for Phone and Modem Options

Windows 7 can control the dialing process
Based on where a user and computer are physically located by using dialing profiles
Define at least one location-based dialing profile


Configure Dialing Rules for Phone and Modem Options (cont'd.)
Dialing rules are defined through the Phone and Modem Options Control Panel applet
Create a Connection to a Remote Access Server

Connection requires the phone number and usually a username and password Activate the Set up a Connection or Network wizard Must know remote access servers dialing information
14
15
16
17

Review Dial-Up Connection Properties
Access Network and Sharing Center from Control Panel
Follow the link to Change adapter settings
Open the Network Connections window

Shows the network connections defined
Edit the properties of the dial-up connection

General tab Configure devices for the connection and phone numbers used to dial the connection
19
20
21

Review Dial-Up Connection Properties (cont'd.)
Edit the properties of the dial-up connection (cont'd.)
Options tab Changes the behavior of the dial-up connection while it is connecting Security tab Controls the behavior of the dial-up connection while it is connecting
22
23
24

Review Dial-Up Connection Properties (cont'd.)
Edit the properties of the dial-up connection (cont'd.)
Security tab If Extensible Authentication Protocol (EAP) is enabled, then EAP-MSCHAP v2 is the default logon security method Password Authentication Protocol (PAP) transfers user credentials in plain text and is not a secure authentication protocol Networking tab Shows the network communication components used by the connection
26

Configure Optional Advanced Settings
Remote Access Preferences
Autodial Defines which connection is automatically triggered if the computer tries to connect to a network Callback Allows the user to configure how their client requests or responds to offers of a callback Diagnostics Enable logging for a dial-up connection
28
29
30
31

Configure Optional Advanced Settings (cont'd.)
Operator-Assisted Dialing
When enabled, any network connection that is activated will first display a connection window Gives the user time to contact the operator and prepare the phone connection
Interactive Logon and Scripting

Show terminal window option opens a terminal window when the connection is being established Run script option is used to define a script that runs as part of the connection process
33
Remote Access VPN Connectivity

Data transmitted over the public network can be recorded or modified
By individuals with criminal or mischievous intent
Secure point-to-point connection can be created using VPN technology VPN technology
Similar to remote access in that a server and client form the two endpoints of a connection Different from a remote access connection in that it protects the data transferred between its endpoints
Remote Access VPN Connectivity (cont'd.)
35
VPN Protocols
Communication protocols
Called tunneling protocols Manage virtual private link and encrypt its data
Point-to-Point Tunneling Protocol (PPTP)

Allows IP-based networks to deliver PPP packets by encapsulating them in IP packets IP packets can be routed through public networks PPTP can be used with TCP/IPv4 and TCP/IPv6 networks
36
VPN Protocols (cont'd.)
37

Layer 2 Tunneling Protocol (L2TP)
Encapsulates PPP packets to be sent over IP network connections Started as a combination of PPTP and Layer 2 Forwarding (L2F) tunneling protocols IPSec provides encryption for L2TP connections L2TP can be used with TCP/IPv4 and TCP/IPv6 networks
Secure Socket Tunneling Protocol (SSTP)

Allows IP-based networks to deliver traffic through firewalls that would otherwise block PPTP and L2TP

Internet Key Exchange v2 Tunneling Protocol (IKEv2)
Standardizes the use of the IPSec protocol to establish a Security Association (SA) between the VPN client and server IKEv2 Mobility and Multihoming Protocol (MOBIKE)
Allows a VPN client to lose its network connection and still reconnect to its original SA once network connectivity is restored
39
Creating a VPN Connection

Before creating a VPN client connection, consider:
VPN server must identify if it is using a IKEv2, SSTP, PPTP or L2TP connection Encryption and authentication methods used by the VPN client and server must be compatible IP connection path must exist between the VPN server and the VPN client VPN client must know the address of the VPN server on the IP network
More than one VPN connection can be defined

Creating a VPN Connection (cont'd.)

Define a VPN connection
Activate the Set up a connection or network wizard
Set up a VPN connection windows options

Internet address Destination name Use a smart card Allow other people to use this connection Dont connect now; just set it up so I can connect later
Enter users identity

42
43
44
Configuring a VPN Connection

Additional settings are available to refine the VPN connections properties Use the Network Connections window VPN connections properties
General tab is used to configure
Host name or IP address Dial another connection first Dial-up connection list
Security tab has the option of specifying the type of VPN tunneling protocol to use for a connection
Configuring a VPN Connection (cont'd.)
46
47
48

VPN connections properties (cont'd.)
Networking tab identifies the network communication components Sharing tab allows the VPN connection to be shared and controlled
By other users on the computers local network
49
50
51
DirectAccess
Windows 7 can work together with Windows Server 2008 R2 Users are provided with the same experience working remotely as they would have working in the office DirectAccess activates itself before the user logs on the computer DirectAccess can limit which applications and resources the user is allowed to access
52
Remote Desktop
Remote Desktop Protocol (RDP)
Designed to carry remote control session data efficiently and securely
Between the client and server involved in a remote control session
Remote Desktop client

Software that is used to remotely control a Windows 7 computer Available as a stand-alone client application and as a Web client
Stand-Alone Remote Desktop Client

Most commonly used version of the client New version designed specifically for Windows 7 and Windows Server 2008 R2 Improvements include:
Support for Network Access Protection client updates Bidirectional audio Remote application task scheduler can automatically start remote applications Ability to support up to 16 multiple monitors Support for Aero glass
Stand-Alone Remote Desktop Client (cont'd.)

General Settings
Found in the Start menu as a menu item in the Accessories subfolder Several optional settings are available
Display Settings
Configure the screen settings to set the local experience during the remote control session Increase the resolution and color settings with caution
Amount of data increases
56

Local Resource Settings
Allows the remote user to define which local resources are available inside the remote control session
Program Settings
Defines one specific program that should run each time the connection is established
Experience Settings
Used to adjust factors that impact the remote control session experience
58
59

Advanced Settings
Includes a section for server authentication Feature is only supported if the remote client and the remotely controlled computer use Network Level Authentication Network Level Authentication
Security protocol used by clients and servers to prove their identity before data connection is set
Command-Line Options
Available only by running the remote desktop client program MSTSC.EXE directly from the command line
61
RemoteApp and Remote Desktop Web Access

RemoteApp
Allows the publishing of remote applications
Remote Desktop Web Access

Presents RemoteApps and remote connections to the user in one Web-based resource
62
Remote Assistance
Allows a user to send an invitation to a remote user using instant messaging or e-mail
Invites them to remotely connect to the local computer
They can establish a secure remote connection to view what is happening on the desktop Local user can electronically chat with the person providing remote assistance Remote user can optionally be granted complete keyboard and mouse control
During the remote assistance session
Remote Assistance (cont'd.)

Windows Remote Assistance wizard
Accessed by clicking the Windows Remote Assistance link in Help and Support
Can give a remote user the ability to access sensitive information and settings on a computer Invitation to use remote assistance is password protected
Unique password selected for that specific invitation
64
65

Remote client can be running Windows XP or Windows Server 2003 at a minimum Remote assistance control window has button controls to activate:
Chat window, file transfer, and control desktop sharing
66
BranchCache
BranchCache
Allows remote office users to speed up their access to information
Requires that clients interact with servers running Windows Server 2008 R2 as a minimum BranchCache can operate in two modes:
Hosted Cache mode Distributed Cache mode
Servers at head office track the content of cached data using identifiers and metadata
Sync Center
When a computer is portable, one of the problems is making sure a user still has access to his/her data Windows 7 provides Sync Center as a central control mechanism Sync Center window lists all of the data sources that need to be cached on the local computer Resource must be compatible with the Sync Center to be available as an item to track and synchronize
68
Sync Center (cont'd.)
69
Mobility Center
Windows 7 places controls for mobile computer features in one single window Typical controls found in the Mobility Center include:
Battery status and power management Wireless network configuration Display configuration Synchronization settings Presentation settings
70
Summary
Windows 7 supports both remote access and remote control Dial-up remote access can be done with a modem and regular phone line or ISDN VPN connections allow you to securely access data over the Internet DirectAccess allows Windows 7 Enterprise clients to connect to corporate intranet resource without a VPN while they are outside the corporate network Remote control client functionality has been enhanced to support server authentication
Summary (cont'd.)
Remote Assistance is a software tool to ask trusted users to connect over the network and provide help BranchCache helps speed up performance for users in remote branch offices that do not have the same access to corporate data as other users in the main office Sync Center allows mobile users to quickly and easily synchronize network content on the mobile computer Mobility Center is a feature available only on Mobile computer

Chapter 14 Operating Systems

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Chapter 14 Operating Systems

Hochgeladen von

Copyright:

Verfügbare Formate

MCTS Guide to Microsoft Windows 7

Chapter 14 Remote Access

MCTS Guide to Microsoft Windows 7

Remote Access and Remote Control Overview

Link can be established over a dial-up connection or a TCP/IP network

MCTS Guide to Microsoft Windows 7

Remote Access and Remote Control Overview (cont'd.)

MCTS Guide to Microsoft Windows 7

Remote Access and Remote Control Overview (cont'd.)

MCTS Guide to Microsoft Windows 7

Remote Access and Remote Control Overview (cont'd.)

MCTS Guide to Microsoft Windows 7

Remote Access Dial-Up Connectivity

MCTS Guide to Microsoft Windows 7

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections

Analog dial-up modem

Main disadvantage of analog dial-up is that it is slow

Analog Dial-Up Connections (cont'd.)

Steps for configuring dial-up networking:

Analog Dial-Up Connections (cont'd.)

Configure Dialing Rules for Phone and Modem Options

Define at least one location-based dialing profile

Analog Dial-Up Connections (cont'd.)

Create a Connection to a Remote Access Server

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

Open the Network Connections window

Edit the properties of the dial-up connection

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

MCTS Guide to Microsoft Windows 7

Analog Dial-Up Connections (cont'd.)

Interactive Logon and Scripting

Analog Dial-Up Connections (cont'd.)